Urgent Security Alert: Google has released emergency patches for a critical Chrome vulnerability that is already being exploited by attackers.
The Vulnerability
Google has issued security updates for its Chrome browser to address a high-severity vulnerability that has been actively exploited in the wild.
The flaw, identified as CVE-2026-2441, carries a base CVSS score of 8.8, placing it in the "high severity" range. It is a use-after-free bug found in the CSS engine. Security researcher Shaheen Fazim reported this vulnerability to Google on February 11, 2026.
According to the NIST's National Vulnerability Database (NVD), this bug allows a remote attacker to execute arbitrary code within a sandbox environment simply by luring a victim into viewing a specially crafted HTML page.
Active Exploitation Confirmed
Google has confirmed that an exploit for CVE-2026-2441 is being actively used in the wild. The company has not disclosed specific details regarding the attack methods, the parties responsible, or the intended targets.
This marks the first actively exploited zero-day vulnerability in Chrome that Google has patched in 2026. For context, Google addressed a total of eight zero-day flaws in Chrome during the previous year that were either actively exploited or demonstrated as proof-of-concept.
Related Security Updates
In a separate but related development, Apple also released urgent updates last week for iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS. Those patches fix a different zero-day flaw (CVE-2026-20700, CVSS score: 7.8), which Apple reported was weaponized in a "sophisticated attack" to execute arbitrary code on devices running iOS versions prior to iOS 26, targeting specific individuals.
Immediate Action Required for Users
"Users are urged to update their Chrome browser immediately to ensure optimal protection."
The patched versions are as follows:
- Windows & macOS: Version 145.0.7632.75/76
- Linux: Version 144.0.7559.75
To update: Navigate to More > Help > About Google Chrome. Chrome will automatically check for the update and apply it. Select Relaunch to complete the process.
Users of other Chromium-based browsers—such as Microsoft Edge, Brave, Opera, and Vivaldi—are also strongly advised to apply available fixes as soon as they are released. These browsers share the same core code and may be vulnerable to the same flaw.